Behavioral task
behavioral1
Sample
71c1a8a108352e68c690397675b1c69c6c288f4dcbf3eae545d8515f83286e96.exe
Resource
win7-20240903-en
General
-
Target
71c1a8a108352e68c690397675b1c69c6c288f4dcbf3eae545d8515f83286e96
-
Size
472KB
-
MD5
b9c0666488adc5c9f431af578f146602
-
SHA1
697b7ea7dc2bea2c63fd790aa0f1f7b7c53276d8
-
SHA256
71c1a8a108352e68c690397675b1c69c6c288f4dcbf3eae545d8515f83286e96
-
SHA512
eb00e5dabeb39e35d8e6b39b542646b0e0a2c0361949a3bce29c22fe6c40c5eacbe201be25e254caa4b99a464d7393e0d383f73c560e3d4bbf9abf0db762b22a
-
SSDEEP
3072:tG8RinudiP52xx67lLdFiHDoCZR69Eel415kYEN:ZkgiPA6R/PuTnEN
Malware Config
Signatures
-
Berbew family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 71c1a8a108352e68c690397675b1c69c6c288f4dcbf3eae545d8515f83286e96
Files
-
71c1a8a108352e68c690397675b1c69c6c288f4dcbf3eae545d8515f83286e96.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flh Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ